Security News > 2025 > March > Veeam RCE bug lets domain users hack backup servers, patch now
2025-03-20 23:30
Veeam has patched a critical remote code execution vulnerability tracked as CVE-2025-23120 in its Backup & Replication software that impacts domain-joined installations. [...]
News URL
Related news
- Critical Veeam Backup & Replication RCE vulnerability fixed, patch ASAP! (CVE-2025-23120) (source)
- Week in review: Veeam Backup & Replication RCE fixed, free file converter sites deliver malware (source)
- Unpatched PHP Voyager Flaws Leave Servers Open to One-Click RCE Exploits (source)
- Hackers exploit Cityworks RCE bug to breach Microsoft IIS servers (source)
- MITRE Caldera RCE vulnerability with public PoC fixed, patch ASAP! (CVE-2025–27364) (source)
- Veeam and IBM Release Patches for High-Risk Flaws in Backup and AIX Systems (source)
- Infoseccers criticize Veeam over critical RCE vulnerability and a failing blacklist (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2025-03-20 | CVE-2025-23120 | A vulnerability allowing remote code execution (RCE) for domain users. | 0.0 |